Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-287

CWE-287

High likelihood

Improper Authentication

Parent: CWE-284 - Improper Access Control

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

4,374 vulnerabilities with CWE-287

CVE-2012-6437 CRITICAL

Rockwellautomation Controllogix Controllers - Authentication Bypass

ELinks < 0.12pre6 - Credential Delegation via HTTP Negotiate Authentication

i-GEN opLYNX < 2.01.9 - Unauthenticated Authentication Bypass via JavaScript Disabling

NetIQ Privileged User Manager < 2.3.1 HF2 - Unauthenticated Password Change via AMF Request

Foscam/Wansview IP Cameras - Auth Bypass

freeFTPd <= 1.0.11 - Authentication Bypass via Crafted SFTP Session

freeSSHd < 1.2.6 - Unauthenticated Authentication Bypass via Crafted Session

SSH Tectia Server 6.0.4-6.3.2 - Authentication Bypass via Blank Password

Samsung Kies Air 2.1.207051 and 2.1.210161 - Improper Authentication via IP Address Spoofing

EMC Smarts NCM <9.1 - Info Disclosure

ar web content manager 2.2 - Unauthenticated Improper Authentication via cookie_gen.php

JBoss Enterprise Portal Platform < 5.2.1 and SOA Platform < 5.2.0 - Information Disclosure via JGroups

Sinapsi eSolar, eSolar DUO, eSolar Light, and sinapsi_firmware < 2.0.2870 - Unauthenticated Administrative Access

IBM WebSphere DataPower XC10 Appliance 2.0.0.0-2.0.0.3 and 2.1.0.0-2.1.0.2 - Unauthenticated Denial of Service

Apache Tomcat 5.5.0-5.5.35 - Improper Authentication via Stale Nonce Bypass

Apache Tomcat 5.5.x < 5.5.36, 6.x < 6.0.36, 7.x < 7.0.30 - Authentication Bypass via Session ID

EMC RSA Data Protection Manager <3.2.1 - Auth Bypass

MosP kintai kanri < 4.0.9 - Authenticated User Impersonation

IBM Tivoli Federated Identity Manager < 6.2.2 and Business Gateway < 6.2.1 - Sensitive Information Exposure

Cisco Adaptive Security Appliance Software 8.2-8.3 - Denial of Service via Crafted Authentication Response

Eduserv OpenAthens SP 2.0 - Auth Bypass

Java Open Single Sign-On Project Home - Authentication Bypass via SAML Assertion Signature Exclusion

Apache Axis2 < 1.6.4 - Authentication Bypass via SAML Signature Exclusion

Apache Axis2 < 1.7.9 - Authentication Bypass via XML Signature Wrapping Attack

OpenStack Keystone Essex < 2012.1.2 and Folsom < folsom-3 - Authenticated Improper Authentication

Previous Page 148 of 175 Next

Details

Vulnerabilities 4,374

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy